[SA12639] Computer Associates Unicenter Common Services Password Disclosure

TITLE: Computer Associates Unicenter Common Services Password Disclosure SECUNIA ADVISORY ID: SA12639 VERIFY ADVISORY: http://secunia.com/advisories/12639/ CRITICAL: Less critical IMPACT: Exposure of sensitive information WHERE: Local system SOFTWARE: CA Unicenter ServicePlus Service Desk 6.x...

[SA12476] Net-Acct Insecure Temporary File Creation Vulnerability

TITLE: Net-Acct Insecure Temporary File Creation Vulnerability SECUNIA ADVISORY ID: SA12476 VERIFY ADVISORY: http://secunia.com/advisories/12476/ CRITICAL: Less critical IMPACT: Privilege escalation WHERE: Local system SOFTWARE: Net-Acct 0.x http://secunia.com/product/3875/ DESCRIPTION: Stefan...

[SA12375] GNU a2ps Command Injection Vulnerability

TITLE: GNU a2ps Command Injection Vulnerability SECUNIA ADVISORY ID: SA12375 VERIFY ADVISORY: http://secunia.com/advisories/12375/ CRITICAL: Less critical IMPACT: Privilege escalation WHERE: Local system SOFTWARE: GNU a2ps 4.x http://secunia.com/product/3837/ DESCRIPTION: Rudolf Polzer has...

VentaFax Privilege escalation

VentaEngine available via systray runs with Local System privilege. On double click file selsction meny is open. It allows "Execute" command to be choosen for executable files...

Mandrake Linux Security Advisory : pine (MDKSA-2001:047-1)

Versions of the Pine email client prior to 4.33 have various temporary file creation problems, as does the pico editor. These issues allow any user with local system access to cause any files owned by any other user, including root, to potentially be overwritten if the conditions were right. Upda...

Trendmicro Officesscan privilege escalation

During virus detection help is launched from local system...

[VulnWatch] [SHATTER Team Security Alert] Microsoft Windows Utility Manager Vulnerability

Microsoft Windows Utility Manager Vulnerability April 13, 2004 Risk Level: High Summary: A local elevation of privileges vulnerability exists on the Windows Utility Manager that allows to any user to take complete control over the operating system. Versions Affected: All products in the Windows...

Dell TrueMobile privilege escalation

it's possible to obtain local system privileges through help subsystem...

Agnitum Outpost privilege escalation

It's possible to obtain local system privileges with help or adding new filter...

Microsoft FrontPage Server Extensions contains buffer overflow in remote debugging functionality

Overview Microsoft FrontPage Server Extensions contains a vulnerability that allows remote attackers to execute arbitrary code with local system privileges. Description Microsoft FrontPage Server Extensions FPSE is an optional set of tools that adds functionality to a web site. This functionality...

NIPrint multiple bugs

Remote buffer overflow, help access with local system...

NSFOCUS SA2003-06 : Microsoft Windows RPC DCOM Interface Heap Overflow Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 NSFOCUS Security AdvisorySA2003-06 Topic: Microsoft Windows RPC DCOM Interface Heap Overflow Vulnerability Release Date: 2003-09-11 CVE CAN ID: CAN-2003-0528 http://www.nsfocus.com/english/homepage/research/0306.htm Affected system: ==================...

Microsoft Internet Explorer 56 - Object Type Validation

Microsoft Internet Explorer 56 - Object Type Validation source: https://www.securityfocus.com/bid/8456/info The problem occurs when Internet Explorer receives a response from the server when a web page containing an object tag is parsed. Successful exploitation of this vulnerability could allow a...

Microsoft Internet Explorer 5/6 - Object Type Validation

source: https://www.securityfocus.com/bid/8456/info The problem occurs when Internet Explorer receives a response from the server when a web page containing an object tag is parsed. Successful exploitation of this vulnerability could allow a malicious object to be trusted and as such be executed ...

DameWare Mini Remote Control Server - System

DameWare Mini Remote Control Server - System / DameWare Mini Remote Control Server Local SYSTEM Exploit Vulnerable Versions Prior to 3.71.0.0 by [email protected] This code is based on shards.cpp by xenophile / define WIN32LEANANDMEAN include include pragma warningdisable: 4305 pragma...

DameWare Mini Remote Control Server - System

/ DameWare Mini Remote Control Server Local SYSTEM Exploit Vulnerable Versions Prior to 3.71.0.0 by [email protected] This code is based on shards.cpp by xenophile / define WIN32LEANANDMEAN include include pragma warningdisable: 4305 pragma warningdisable: 4309 void MakeShellCode char buffer...

Microsoft Windows - DCOM RPC Interface Buffer Overrun

Microsoft Windows - DCOM RPC Interface Buffer Overrun source: https://www.securityfocus.com/bid/8205/info A buffer overrun vulnerability has been reported in Microsoft Windows that can be exploited remotely via a DCOM RPC interface that listens on TCP/UDP port 135. The issue is due to insufficien...

Microsoft Windows - DCOM RPC Interface Buffer Overrun

source: https://www.securityfocus.com/bid/8205/info A buffer overrun vulnerability has been reported in Microsoft Windows that can be exploited remotely via a DCOM RPC interface that listens on TCP/UDP port 135. The issue is due to insufficient bounds checking of client DCOM object activation...

[Full-Disclosure] [sec-labs] Zone Alarm Device Driver vulnerability

sec-labs team proudly presents: Local ZoneAlarm Firewall probably all versions - tested on v3.1 Device Driver vulnerability. by Lord YuP 04/08/2003 I. BACKGROUND ZoneAlarm is a very powerful and very common nowadays firewall for Windows produced by Zone Labs. http://www.zonelabs.com II. DESCRIPTI...

HP Compaq Insight Management Agent 5.0 - Format String

HP Compaq Insight Management Agent 5.0 - Format String source: https://www.securityfocus.com/bid/8336/info The Compaq Management Agent HTTP server is vulnerable to a format string issue. A remote attacker may be able to exploit this vulnerability in order to execute arbitrary code with Local Syst...